Agent

Revision as of 19:53, 5 June 2019 by Nigel (talk | contribs)

Home > An Overview > Concepts > Agents


Contents

1 Overview

Agents are software that are installed as a service on an operating system and they schedule policies and run actions sending the results back to the Veloopti SaaS server. The Veloopti agent is written in the C++ programming language. We use the Poco software library which means we can write the agent once but compile it to run on many different Operating Systems[1]. We have written the agent so there are very few external dependencies requirements. This is why the windows registry is not used in favor of file based configuration settings.

1.1 Downloading

To download the agent software navigate to the nodes page and click on the download agent icon Agent download.png.

1.2 Installing

1.3 Configuring

The Veloopti agent is configured from the web GUI.

Agent properties.png

Name Property
AgentID The string that the agent is known internally by Veloopti.
Agent Version The version of the agent that is currently installed.
Installed Date The date that the agent was installed on the server.
Activated Date The date that the agent was accepted into the organisation as a managed node.
Last Source IP The IP Address that the node is communicating with the Veloopti Agent Controller. Note that this is not the Local address but it may be the NAT'd address. It is the IP address that it ultimate uses to communicate with the Internet.
Log Level The level of detail that the agent will write to the logs files with. Use anything beyond Normal cautiously as it will increase the amount of disk space that the software will consume.

Normal The standard level of logging that the agent should be set to; Information An enhanced level of logging from Normal above. Also includes ??? Debug The level of logging that can be used to debug software bugs. Trace Writes virtually everything that the agent is doing to the log files.

Agent Status
Sentinel Status


1.4 Folders and files

There are 4 folders located where the Veloopti agent was installed.

Directory Description Contents
\bin Contains the program executables and any dynamically linked libraries (DLL's) that are required for the Operating System.
\conf Contains the configuration files Note that the configuration files are encrypted and may not be manually edited. conf.json is the agent specific configuration file and shouldn't be copied to any other agent. The \certs sub-folder contains the SSL certificates that are used to encrypt the traffic between the Veloopti servers and the agent. The \policies sub-folder contains the current policies that are running on the server.
\log Contains the log files Logging levels can be changed on the Agent software page of the Node
\tmp Contains temporary files Temporary files include the results from policies and actions that are waiting to be sent to the Veloopti Agent Controllers.

\agent - results from policies and actions that are waiting to be sent to the Veloopti Agent Controllers.

\chunks - stores partial files as the are being received from the Agent Controllers.

\files - stores complete files.

\upgrade - stores the new agent version before it is upgraded


1.5 Security

The agent does not listen to a port on the server. The agent creates an outbound only connection to the Veloopti Agent Controllers on port 443.

1.6 Agent Tokens

To be completed when tokens are implemented.


2 References

  1. The following are the supported Operating Systems of poco. Windows XP/Vista/7/8/10; Windows Embedded CE 6.0; Windows Embedded Compact 2013; Mac OS X 10.5-10.10; Linux; Solaris 9/10; FreeBSD 6.0; HP-UX 11.x; QNX 6.3-6.4